Ping and traffic between X Ports
Hello,
i worked a lot with other firewalls like Sophos, Securepoint, Lancom, TP-Link and so on, but Sonicwall seems to be very special.
I've been trying for about 3 days now to get the firewall to ping between port X0 (LAN : 10.0.0.0/24) and port X2 (LAN2 : 192.168.0.0/24).
The ports themselves can be pinged, but the devices and clients behind them not.
Neither pinable nor reachable from other subnet.
The Sonicwall itself can ping the clients in both subnets.
I set policy rules and checked "PING" and "Management traffic allowed" but nothing.
I'm too stupid to get that to work. :-(
What am I doing wrong? Where did I miss something?
It can't be that difficult.
On other firewalls it´s easy to config and get it to work.
I'm really getting desperate and about to give up.
I hope someone can help and give me a hint.
Thank you <3
Answers
What do your firewall rules between LAN and LAN2 look like? Have you run a packet capture to see why the drop is occurring?
Read up on Zone-based firewall concepts.
It´s the default access rule:
It says any to any, but ping wont work and reaching clients in "LAN-Intern" doesn´t work, too.
@Nikuda just crank up a Packet-Monitor and look for ICMP traffic, that'll show you if anything is getting dropped. If nothing gets dropped and you just see the "ECHO REQUEST" but no "ECHO REPLY" you probably have a routing problem or the switch isn't configured correctly.
I assume X0 and X2 are connected to a switch and are sitting in different VLANs?
You usually don't need to allow Management Traffic, except you need to access X2 IPv4 IP from a host connected to X0.
--Michael@BWC
"I assume X0 and X2 are connected to a switch and are sitting in different VLANs?"
No, there is no VLAN and no switch connected.
I put my notebook, for testing, directly on X2 port.
The ports themselves can be pinged, but the devices and clients behind them not.
The "Allow Management Traffic" option is specifically to handle traffic to the firewall. I wouldn't expect this to work when the destination is not the firewall, although it might.
make sure your Windows Firewall isn't filtering anyting out
That was the problem. Shame on me :-(
I allowed ICMP through Windows Firewall but it doesn't work.
It only worked when the Windows Firewall was switched off.
New problem in Windows 11?
Now ping works and the clients are reachable.
@Nikuda I'am glad you've got that resolved :)
--Michael@BWC